﻿using IdentityModel;
using IdentityServer4;
using IdentityServer4.Models;
using IdentityServer4.Test;
using Microsoft.Extensions.Configuration;

namespace Basic.Identity4;

/// <summary>
/// identityServer配置
/// </summary>
public class IdentityServerConfig
{
    public static IEnumerable<ApiScope> ApiScopes
    {
        get
        {
            var claims = new List<string> { JwtClaimTypes.Id, JwtClaimTypes.Name, JwtClaimTypes.Role, JwtClaimTypes.JwtId, JwtClaimTypes.SessionId };
            return new List<ApiScope> { new ApiScope("api") { UserClaims = claims } };
        }
    }

    /// <summary>
    /// 定义资源范围
    /// </summary>
    public static IEnumerable<ApiResource> GetApiResources() => new List<ApiResource> { new ApiResource("api", "我的第一个API") };

    /// <summary>
    /// 这个方法是来规范tooken生成的规则和方法的。一般不进行设置，直接采用默认的即可。
    /// </summary>
    /// <returns></returns>
    public static IEnumerable<IdentityResource> IdentityResources
    {
        get
        {
            return new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), };
        }
    }

    public static int AccessTokenLifetime { get; set; } = 7200;

    public static IEnumerable<Client> GetClients(IConfigurationSection section)
    {
        var secret = section?.Get<string>() ?? "123123123123";
        return new List<Client>
        {
            new Client()
            {
                ClientId = "pwdClient", //客户端id
                AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, //密码模式 
                AccessTokenLifetime = AccessTokenLifetime,
                //AllowOfflineAccess=true, //获取刷新令牌
                //配置 客户端模式 的密钥
                ClientSecrets={
                    new Secret(secret.Sha256())
                },
                RequireClientSecret = false, //客户端client_secret密钥可以不传
                AllowedScopes={
                    IdentityServerConstants.StandardScopes.OpenId,
                    IdentityServerConstants.StandardScopes.Profile,
                    "scope"
                } //指定该客户端可以访问范围内的 resources
            }
        };
    }

    public static List<TestUser> ClientUsers
    {
        get
        {
            List<TestUser> users = new List<TestUser>();
            users.Add(new TestUser
            {
                Username = "Test",
                Password = "Test",
                IsActive = true,
                ProviderName = "Test",
                ProviderSubjectId = "1",
                SubjectId = "1",
            });
            return users;
        }
    }

}